The KDE Security team has issued an advisory on a vulnerability present in all versions of KDE that allow a remote attacker to execute arbitrary commands under your account. KDE 3.0.5b and KDE 3.1.1a have been released to address this problem. For KDE 2.2.2 patches to the KDE 2.2.2 sources have been made available.

KDE uses Ghostscript software for processing of PostScript (PS)
and PDF files in a way that allows for the execution of arbitrary
commands that can be contained in such files.

An attacker can prepare a malicious PostScript or PDF file which will
provide the attacker with access to the victim's account and privileges
when the victim opens this malicious file for viewing or when the
victim browses a directory containing such malicious file and has
file previews enabled.

An attacker can provide malicious files remotely to a victim in an
e-mail, as part of a webpage, via an ftp server and possible other
means.

OS vendors and KDE package providers have been alerted and the we expect them to provide updated binary packages shortly. The following updates are already available from the KDE ftp mirrors:

Just use the viewer from the creators of the PDF - Adobe Acrobat Reader.
There is linux version - very nice one.

And something more to add, it seems that Adobe are moving on the curve to start using QT for their products. May be just rumors. However I will not be surprised if next version of Photoshop is QT based and also available for linux - then asta la vista gimp. For making you sure that new QT curve that happens in Adobe is not just rumor (may be it still is) check this:http://www.trolltech.com/newsroom/announcements/00000120.html

QT & KDE forever! Use Adobe Acrobat Reader for Linux if you want to view PDFs.

Why not to pay money if it's good?
Why one things that software should be free?
Also we are talking about Adobe Acrobat Reader which is free softare.

And something to add about the old topic for adoption of linux as business desktop. Some people beleive that linux can possibly dominate one day on business desktop, with only free software installed. This is total mud. Just impossible. For adoption of one platform as corporate platform some money should be invested and big amount of PROFESSIONAL and COMMERCIAL apps available - like Photoshop. Relating with the current example one professional designer will never use linux before he has programs like Photoshop, CorelDraw etc. And talking about using GIMP for professional work is unserious (not saying that GIMP is unprofessional but far from Photoshop).
My sister is professional designer and i tried several times to point her attention to linux and GIMP but unsuccessful, however she appreciate highly the cool design of my KDE desktop. And be sure she would use Linux for professional work if there was available linux version of Adobe Photoshop. Just to mention with wine only 4.0 and 5.0 works fine.

Anyway think about it - commercial quality software is needed for linux to konquer the business desktop!

I agree. My company already buys licenses for Photshop/Win.
If there was a Photoshop/Linux we certainly would buy some.
We would even pay for a GIMP which runs in a _single_ window!
GIMP's user interface is really awful. And please don't keep telling me
that it's in fact a good idea to have thousands of separate cluttered windows,
no reasonable menu bar, and a stone-age file open dialog. I bet no
UI expert has ever seen that thing or he would've dropped dead on the spot.
I know, with GNOME the thousands of windows would be managed by the
window manager. That's what they keep telling us. But I don't use GNOME.
And I don't want to use it because otherwise my whole desktop would have a UI
like GIMP. Those GNOME folks are real nerds IMO. They can create programs
with an amazing bunch of functions but no decent UI at all. And the best thing
is: They really thing it's great. Muahaha! No way - I don't want to go back
to Windows 2.0 UI only because they say it's faster and simpler. It's not.
Unfortunately there are not many alternatives. Some of them don't support
PSD files and others (like Corel PhotoPaint for Linux) are so dead slow that you
rather boot to windows, edit your picture, and boot back to linux.
What's really missing is a KDE photo editor with PSD support.
Krita is dead. So what has happened to Mosfet Paint BTW?

I don't agree much on the need of a new interface for Gimp, but it's true that sometimes one can get lost on so many windows, that lose focus.... Isn't there an easy way to have them all in focus before the rest of the apps?

Well, yes.. Gimp can get cluttered by multiple windows but does it really help to unclutter the windows if you have a big window under them all (ala. Photoshop) ?
Well, maybe in Windows where you don't have Virtual Desktops. Gimp is developed for Linux where Virtual Desktop has been available for virtually always. But, yes.. if Adobe releases Photoshop for Linux it will be on our companys computers. Gimp just isn't there yet but it is still a very good program.

1. The standard answer to this whining is by people who don't do more with gimp than gif animations for their personal homepage

2. KDE is a very nice window manager don't you think?

I think most people who defend Gimp are loudmouths. I am trying to actually USE this program in game development, and you know what? It sucks. Currently, Linux has NO gfx app. That's the truth. Unless you consider KPaint a Deluxe Paint killer.

I tried using GIMP. It's crap. You're right on with the interface. Damn that thing is horrid. Ironic that a program for graphic manipulation and graphic design would have the all the beauty and grace of a severed limb.

I really like what the program can do, but I don't like the billion+1 window arrangement or the trillions of dialog boxes.

Nonsense... Adobe may think about a QT-based Acrobat Reader... but that's it for now. Don't ever dream of a company like Adobe tiing one of their major products (like Photoshop) to the small Trolltech company... Maybe Adobes developers really think QT is a cute thingy and maybe more fun to program in than Visual C++'s native classes but the strategists at Adobe will strongly advice against porting Photoshop to QT for one simple reason: A major rewrite of tons of code could only be done once (even by a big company like Adobe). If something goes wrong, there will be no way back (you can not afford to loose _two_ release cycles just with ports and rewrites and no feature additions)

Actually if Adobe chooses QT as their toolit for Photoshop and their other products they can only win because as we know they are anow maintaing Mac and Win32 version of their product. And if they choose QT they will maintain only one version for all platforms.

Right. In addition, considering they are already maintaining seperate versions for Windows and Macs, they have already built an abstraction layer. All they have to do is create a version of that abstraction layer for Qt. That's not difficult at all. This would also open up a whole nother market for them: Unix/Linux users.

Guess what, science labs all over the world have been moving to linux (especially for linux clusters) and scientists do use photoshop to work on the images generated by their expiriments. I rather doubt they'll pay Trolltech for Qt use for Windows and Macs, considering they already have code written for both platforms. However, programming with Qt is extremely easy, definitely WAY easier than M$'s bug-ridden MFC crap.

and could find no tag to use in webcvs (perhaps because of propagation delays). What is the correct cvs tag to use for the 3.1.1a release? I can make the obvious guess, but I would prefer the definitive answer instead.

Well, that seems to update *lots* of stuff. More than the mere patch files contain.

And (offtopic): I generally think that the CVS tags (Releases and branches) should be
documented a little better. It's not clear wether KDE_X_Y_BRANCH is the same as the
latest KDE_X_Y_Z_RELEASE. Also, tags for KDE and KOffice are interweaved within
kde-i18n. IMHO, files not belonging to core kde shouldn't go into kde-i18n.

Since I upgraded to MDK 9.1 and compiled QT 3.1.2 and KDE 3.1.1 I have had a lot of hangs in KDE. I think it has to do with a hell of a lot of debug output to every file defined as errfile in the /etc/X11/Xsession ($HOME/.xsession-errors and /tpm/xses-$USER).
It also starts generationg a lot of .fonts-cache.XXXXX files in my home-dir and the same files in /tmp but here they are called .resolv.conf.XXXXX. This font thingy seems to happen when I turn on preview of text files in konqueror.
The comands writing this crap to disk is kdDebug, kdWarning, kdError and kdFatal defined in /kdelibs-3.1.1(a)/kdecore/kdebug.h(cpp)???

Hey, is it just me, or since I upgraded kdebase and kdelibs to 3.1.1a a very annoying bug in konqueror has disappeared. I mean now I can click the middle button on a link in a webpage and a new tab pops up immediately without waiting to contact the server. Since my internet connection is not very fast (115kbps) I often had to wait a while until a new tab was spawned and only then continue middle-clicking. I use tabbed browsing a lot, for instance when I am browsing sites like kde-look.org I always open screenshots in new tabs. With this bug konqueror was less comfortable to browse with than mozilla. And now the bug is gone!
WHOA!!! COOL!!!